Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3f/2b2878-5b79-40f7-b4b5-356c4d7bb452/1/ptlwSz-mWv6z1CqgmM12UNb4Nxs.roa
File:                     ptlwSz-mWv6z1CqgmM12UNb4Nxs.roa (raw, json)
Hash identifier:          XX3Jzv8psN246CBQBe0tK/SGYSwkqSUHA/CkUHlnZ9k=
Subject key identifier:   A6:D9:70:4B:3F:A6:5A:FE:B3:D4:2A:A0:98:CD:76:50:D6:F8:37:1B
Certificate issuer:       /CN=f6c3e027d2d1c2d36d7c954867226c83b65eb56f
Certificate serial:       94292F
Authority key identifier: F6:C3:E0:27:D2:D1:C2:D3:6D:7C:95:48:67:22:6C:83:B6:5E:B5:6F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/9sPgJ9LRwtNtfJVIZyJsg7ZetW8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3f/2b2878-5b79-40f7-b4b5-356c4d7bb452/1/ptlwSz-mWv6z1CqgmM12UNb4Nxs.roa
Signing time:             Mon 14 Mar 2022 15:27:51 +0000
ROA not before:           Mon 14 Mar 2022 15:27:51 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     212104
IP address blocks:        2a12:5844:1110::/44 maxlen: 44

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 9709871 (0x94292f)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f6c3e027d2d1c2d36d7c954867226c83b65eb56f
        Validity
            Not Before: Mar 14 15:27:51 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=a6d9704b3fa65afeb3d42aa098cd7650d6f8371b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:c4:fd:9e:8b:ae:0a:f9:88:05:0d:ca:0e:e6:
                    99:6d:e6:b9:fa:94:0a:c5:8b:d5:80:1f:ff:8c:cc:
                    82:03:3f:3c:20:ae:f0:d6:a0:35:5f:8d:66:ec:bf:
                    4d:62:75:96:5a:6c:99:c3:23:71:fb:86:e0:b6:bc:
                    07:21:b9:20:1b:fd:68:57:20:3e:76:85:a2:a3:fe:
                    55:b2:00:64:32:24:60:ff:63:4b:08:5e:03:cc:7a:
                    07:4c:19:26:72:4c:07:d6:1a:ec:79:32:9a:70:5a:
                    58:da:1a:9b:d2:3f:83:9f:a6:92:83:48:6a:7b:5a:
                    ba:41:5e:e8:95:4d:61:04:3d:80:ca:0d:7a:68:48:
                    d2:ec:87:e6:2a:0f:e8:56:11:d6:7a:54:c2:1b:b3:
                    0b:74:89:cf:53:7e:ce:72:e4:3c:54:2a:a6:3c:71:
                    3b:40:fd:b7:f7:0c:7e:2d:91:66:cf:c9:e3:de:94:
                    4f:34:e7:52:de:b7:97:06:98:c1:85:0c:50:0c:df:
                    12:a5:49:9d:b5:57:94:70:46:b5:76:5e:65:5d:06:
                    1e:4d:80:5c:13:09:fe:0d:22:2e:60:68:8b:87:3e:
                    89:c6:21:cc:78:96:36:3b:86:26:c7:9e:06:ff:bf:
                    81:6f:aa:37:d3:e2:18:b7:14:e0:b4:b3:04:1f:78:
                    8a:91
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A6:D9:70:4B:3F:A6:5A:FE:B3:D4:2A:A0:98:CD:76:50:D6:F8:37:1B
            X509v3 Authority Key Identifier:
                keyid:F6:C3:E0:27:D2:D1:C2:D3:6D:7C:95:48:67:22:6C:83:B6:5E:B5:6F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9sPgJ9LRwtNtfJVIZyJsg7ZetW8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/2b2878-5b79-40f7-b4b5-356c4d7bb452/1/ptlwSz-mWv6z1CqgmM12UNb4Nxs.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/2b2878-5b79-40f7-b4b5-356c4d7bb452/1/9sPgJ9LRwtNtfJVIZyJsg7ZetW8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a12:5844:1110::/44

    Signature Algorithm: sha256WithRSAEncryption
         9c:00:73:2e:c0:65:77:a5:40:10:3e:50:c5:e1:74:24:a0:6a:
         b5:14:68:18:ae:51:06:89:3d:b3:cd:cd:92:a3:67:79:31:a9:
         48:d0:9f:79:01:ec:33:07:22:64:b0:37:0d:9b:71:fd:d9:13:
         e6:01:a1:10:3b:a6:66:d2:ff:b0:75:4a:f1:8a:9d:a7:69:ac:
         4d:d4:fc:ca:a5:bb:cb:db:1b:d1:8c:6f:13:88:7e:94:51:0e:
         15:a9:85:c4:58:39:bf:2e:69:3c:52:cb:ad:43:6f:6c:e2:17:
         68:a1:01:f5:47:db:e6:8a:84:5f:25:0f:96:cf:6f:23:87:87:
         77:94:56:4b:0d:d7:19:2d:27:f0:57:f4:c0:6f:9f:e2:28:5b:
         2e:cb:ab:66:67:e5:b9:47:20:b3:9a:97:78:c5:8a:45:e9:05:
         f5:62:28:18:73:61:bf:5b:41:8b:c6:38:21:78:37:ac:9f:45:
         d8:ca:82:4f:9a:65:4c:57:0e:1e:0c:df:16:a8:fa:8e:d5:d9:
         5f:2c:fd:ad:10:67:41:53:92:75:00:a4:72:a4:48:a3:17:5f:
         e6:36:e1:d3:16:9b:2d:da:81:47:35:59:1d:67:5e:34:93:0d:
         ad:12:ea:85:56:b8:06:55:2e:09:f0:4d:c9:36:01:ce:70:10:
         a1:a6:20:69
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIEAJQpLzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
NmMzZTAyN2QyZDFjMmQzNmQ3Yzk1NDg2NzIyNmM4M2I2NWViNTZmMB4XDTIyMDMx
NDE1Mjc1MVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTZkOTcwNGIzZmE2
NWFmZWIzZDQyYWEwOThjZDc2NTBkNmY4MzcxYjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKjE/Z6Lrgr5iAUNyg7mmW3mufqUCsWL1YAf/4zMggM/PCCu
8NagNV+NZuy/TWJ1llpsmcMjcfuG4La8ByG5IBv9aFcgPnaFoqP+VbIAZDIkYP9j
SwheA8x6B0wZJnJMB9Ya7HkymnBaWNoam9I/g5+mkoNIantaukFe6JVNYQQ9gMoN
emhI0uyH5ioP6FYR1npUwhuzC3SJz1N+znLkPFQqpjxxO0D9t/cMfi2RZs/J496U
TzTnUt63lwaYwYUMUAzfEqVJnbVXlHBGtXZeZV0GHk2AXBMJ/g0iLmBoi4c+icYh
zHiWNjuGJseeBv+/gW+qN9PiGLcU4LSzBB94ipECAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBSm2XBLP6Za/rPUKqCYzXZQ1vg3GzAfBgNVHSMEGDAWgBT2w+An0tHC0218
lUhnImyDtl61bzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzlzUGdKOUxSd3ROdGZKVklaeUpzZzdaZXRXOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvM2YvMmIyODc4LTViNzktNDBmNy1iNGI1LTM1NmM0ZDdiYjQ1Mi8x
L3B0bHdTei1tV3Y2ejFDcWdtTTEyVU5iNE54cy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvM2Yv
MmIyODc4LTViNzktNDBmNy1iNGI1LTM1NmM0ZDdiYjQ1Mi8xLzlzUGdKOUxSd3RO
dGZKVklaeUpzZzdaZXRXOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHBCoSWEQREDANBgkqhkiG9w0BAQsF
AAOCAQEAnABzLsBld6VAED5QxeF0JKBqtRRoGK5RBok9s83NkqNneTGpSNCfeQHs
MwciZLA3DZtx/dkT5gGhEDumZtL/sHVK8Yqdp2msTdT8yqW7y9sb0YxvE4h+lFEO
FamFxFg5vy5pPFLLrUNvbOIXaKEB9Ufb5oqEXyUPls9vI4eHd5RWSw3XGS0n8Ff0
wG+f4ihbLsurZmfluUcgs5qXeMWKRekF9WIoGHNhv1tBi8Y4IXg3rJ9F2MqCT5pl
TFcOHgzfFqj6jtXZXyz9rRBnQVOSdQCkcqRIoxdf5jbh0xabLdqBRzVZHWdeNJMN
rRLqhVa4BlUuCfBNyTYBznAQoaYgaQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:04:36 2024 by rpki-client on console-ams.rpki-client.org